Hi Guys, I'm having quite a funky issue. I've searched MS forums, but can't find an answer that helps and I'm at a loss.

HISTORIC INFO:

DC at a remote site serves AD DS, DNS services, hosts file server services. One morning my help desk got nailed with tickets re- "cannot reach file shares". I thought it's a network issue initially, but soon came to realize that was not the case. So ... when I whack whack (\\hostname\share) I can't reach the server. I can ping it, access shares on other devices from it, but can't reach it on the network. AD is unavailable, can't join new devices to the domain etc.

Ran DCDIAG and got the logs below. Anyone seen this before / know what I can do to restore this? I don't really want to redo this entire environment, nor do I want to rebuild all the DB's on this server (which funny enough can be connected to?)

The main goal is to get the domain back up and running, introduce a new DC to the environment and promote it to PDC. If I can do that, I'll die happy lol. LOG below;

Directory Server Diagnosis

Performing initial setup:

Trying to find home server...

Home Server = EDN-SERVER

* Identified AD Forest. Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\EDN-SERVER

Starting test: Connectivity

......................... EDN-SERVER passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\EDN-SERVER

Starting test: Advertising

......................... EDN-SERVER passed test Advertising

Starting test: FrsEvent

......................... EDN-SERVER passed test FrsEvent

Starting test: DFSREvent

......................... EDN-SERVER passed test DFSREvent

Starting test: SysVolCheck

......................... EDN-SERVER passed test SysVolCheck

Starting test: KccEvent

A warning event occurred. EventID: 0x80000829

Time Generated: 12/06/2017 14:50:46

Event String:

This directory partition has not been backed up since at least the following number of days.

A warning event occurred. EventID: 0x80000829

Time Generated: 12/06/2017 14:50:46

Event String:

This directory partition has not been backed up since at least the following number of days.

A warning event occurred. EventID: 0x80000829

Time Generated: 12/06/2017 14:50:46

Event String:

This directory partition has not been backed up since at least the following number of days.

A warning event occurred. EventID: 0x80000829

Time Generated: 12/06/2017 14:50:46

Event String:

This directory partition has not been backed up since at least the following number of days.

A warning event occurred. EventID: 0x80000829

Time Generated: 12/06/2017 14:50:46

Event String:

This directory partition has not been backed up since at least the following number of days.

......................... EDN-SERVER passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... EDN-SERVER passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... EDN-SERVER passed test MachineAccount

Starting test: NCSecDesc

......................... EDN-SERVER passed test NCSecDesc

Starting test: NetLogons

[EDN-SERVER] User credentials does not have permission to perform this

operation.

The account used for this test must have network logon privileges

for this machine's domain.

......................... EDN-SERVER failed test NetLogons

Starting test: ObjectsReplicated

......................... EDN-SERVER passed test ObjectsReplicated

Starting test: Replications

[Replications Check,EDN-SERVER] DsReplicaGetInfo(PENDING_OPS, NULL)

failed, error 0x2105 "Replication access was denied."

......................... EDN-SERVER failed test Replications

Starting test: RidManager

......................... EDN-SERVER passed test RidManager

Starting test: Services

Could not open NTDS Service on EDN-SERVER, error 0x5

"Access is denied."

......................... EDN-SERVER failed test Services

Starting test: SystemLog

An error event occurred. EventID: 0x00003006

Time Generated: 12/06/2017 14:01:54

Event String:

The SAM database was unable to lockout the account of Administrator due to a resource error, such as a hard disk write failure (the specific error code is in the error data) . Accounts are locked after a certain number of bad passwords are provided so please consider resetting the password of the account mentioned above.

An error event occurred. EventID: 0xC00A0032

Time Generated: 12/06/2017 14:18:46

Event String:

The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.

An error event occurred. EventID: 0x00000457

Time Generated: 12/06/2017 14:22:02

Event String:

Driver Microsoft Print To PDF required for printer Microsoft Print to PDF is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 12/06/2017 14:22:03

Event String:

Driver KONICA MINOLTA Universal PCL required for printer !!192.168.0.2!KM Container is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 12/06/2017 14:22:03

Event String:

Driver Canon Generic Plus PCL6 required for printer !!192.168.0.2!Canon Generic Plus PCL6 is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 12/06/2017 14:22:04

Event String:

Driver Canon Generic Plus PCL6 required for printer !!192.168.0.2!Container Printer is unknown. Contact the administrator to install the driver before you log in again.

An error event occurred. EventID: 0x00000457

Time Generated: 12/06/2017 14:22:07

Event String:

Driver Send to Microsoft OneNote 16 Driver required for printer Send To OneNote 2016 is unknown. Contact the administrator to install the driver before you log in again.

13 Replies

Have you tried restarting your DC yet? It seems like once you've reached this level of failure, the environment is disrupted to the point that there's no net loss in trying. I apologize if you've already done it, I just don't see it in your history.

It also looks like a lot of these tests are failing due to the credentials used to run them. Can you try that test again, but from a command prompt that you launch by right-clicking on command prompt and clicking "run as administrator," to see if you get different results?

Hi Justin, thanks for the tip. I've run the command, please see below;

Text

[EDN-SERVER] No security related replication errors were found on this
DC! To target the connection to a specific source DC use
/ReplSource:<DC>.
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
DsReplicaSyncAllW failed with error
The naming context specified for this replication operation is invalid..
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
Test results for domain controllers:
DC: EDN-SERVER.haygrove-edn.local
Domain: haygrove-edn.local
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: haygrove-edn.local
EDN-SERVER PASS WARN PASS PASS PASS FAIL n/a
......................... haygrove-edn.local failed test DNS

Also whilst answering Paul's question, this looks like an additional DC in the domain, can you run a repadmin /replsummary from an elevated command prompt and post those answers? Check DNS on the server adapter is correct, check the hosts file for any kludges which need removing and then the local DHCP server to ensure it is handing out the right AD DNS servers to clients and not providing a router as a secondary dns server etc.. Lastly can you check time information? is NTP configured on both source and secondary DC and do the times match?